As the value and use of information continue to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes, thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for such systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, an information handling system may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
An information handling system can be configured in several different configurations ranging from a single, stand-alone computer system to a distributed, multi-device computer system, to a networked computer system with remote or cloud storage systems.
Information handling systems of all types are susceptible to rootkits, i.e., any software application, program, or code designed to permit a presumably unauthorized user to access information handling system resources without detection. Rootkits may conceal privileged access to a system and may often enable ongoing operation of malware that can access and misuse data for criminal and other illicit purposes.
Sophisticated rootkits may subvert data presented to the operating-system, anti-virus/anti-malware software, and system administrators to avoid detection and removal. A rootkit might, as an example, return an inaccurate representation of disk data to anti-virus software. Rootkit detection is further complicated, perhaps somewhat ironically, by the common use of encryption technology, virtualization, and remote storage systems.